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IN THE UNITED STATES PATENT AND PATENT 
TRADEMARK OFFICE 



PETITION UNDER C.F.R. 1.181 



Applicant^): Osamu SHIBATA, et al. Docket No.: 29288.0300 

Serial No.: 09/828,559 Filed: April 6, 2001 

TITLE: COPYRIGHT PROTECTION SYSTEM, Group Art Unit: TBA 
ENCRYPTION DEVICE, DECRYPTION 
DEVICE, AND RECORDING MEDIUM 



. . ■ „ FAX RECESVED 

Commissioner for Patents 

Box PETITIONS NOV 1 7 2003 

Washington, D.C. 20231-9998 

PETITOS OFFICE 

Sir: 



Applicant, pursuant to 37 CFR §1.181, hereby petitions to proceed with prosecution of 
the above-referenced patent application which was misplaced due to an error by the U.S. Patent 
and Trademark Office. 

On April 6, 2001 , the undersigned filed the attached Patent Application 37 C.F.R. 1 .53(b) 
and received a return postcard with the Serial Number 09/828,559 stamped thereon by the 
USPTO office and comlrming receipt of same on April 6, 2001 . 

On March 3, 2003, the undersigned prepared to file an Information Disclosure Statement 
in the above-referenced matter, at which time it was discovered that there was no Filing Receipt 
in the file, nor had we received a Notice to File Missing Parts as a signed declaration was not 
available at the time this application was filed, A member of my staff contacted the U.S. Patent 
and Trademark Office's Office of Initial Patent Examination (OIPE) to determine why we had 
not received an Official Filing Receipt or Notice to File Missing Parts and was informed by a 
clerk of that office that our Customer Number had been incorrectly entered into your tracking 
system and thus our documents were sent to another firm who did not act upon them and the 
application was abandoned for failure to respond. He then stated he would retrieve the file and 
rectify the situation. 

After several weeks, my assistant again contacted the OIPE, and spoke with Monica 
Young who confirmed the error in the Customer Number but indicated it looked like our 
previous request had not been acted upon. 
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Ms. Young then informed my assistant that she would retrieve the file from the repository 
and proceed to have the case reinstated as the error was obviously a USPTO error. Ms. Young 
stated she would contact ray assistant once the file was returned from the repository but to be 
patient as it could take some time. 

After several weeks, my assistant attempted to contact Ms. Young several times and once 
able to reach her was informed that the USPTO's system showed the file should be in her area 
but that it had not yet made it to her desk. Ms. Young did indicate that the file showed in the 
system as having been in her area for several days and that it was strange it had not yet made it to 
her desk. She then indicated she would initiate a search for the file and contact my assistant once 
it was located. Jt has again been several weeks since my assistant has heard from Ms. Young. 
She has made attempts to contact her in the last few days, but has yet to receive a response. 

It was then determined that we submit this Petition and request that prosecution proceed. 

Therefore, please treat the attached paperwork as if it is the original application which 
was filed on April 6, 2001, by this office and grant the application that filing date. We also 
hereby revoke any instructions to charge the filing fees to our Deposit Account No. 19-2814 with 
regard to this application as the filing fee was already submitted in the form of Check No 
501 01 9, a copy of which is enclosed. 

Should the Commissioner or his Examiner wish to discuss this matter, please contact the 
undersigned at (602) 382-6377. 



Respectfully submitted, 



SNELL & WILMER L.L.P. 

One Arizona Center 
400 East Van Buren 
Phoenix, Arizona 85004-2202 
(602) 382-6377 




Michael K. Kelly 
Reg. No. 32,848 
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(602)382-6000 
Fax: (602) 382-6070 
www.sw1aw.com 
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TUCSON, ARIZONA 
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SALT LAKE CITY. UTAH 
DFNVF.R, COLORADO 
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DATE: 
TO: 



FACSIMILE TRANSMISSION 

November 17, 2003 



TIME IN: / 
TIME OUT: 



Name 


Fax Number 


Phone Number 


CHfF Congo 


703-308-6916 


703-305-0272 


Office of Petitions - USPTO 







FROM: 
RE: 

MESSAGE: 



Julie Eslick PHONE: 602-382-6854 

U.S. Serial No. 09/828,559 - Petition Under CFR 1.181 



Cliff: 



FAX RECEIVED 
NOV 1 7 2003 

PETITION'S QFFICF 



Per our conversation, attached is a copy of our petition which was filed on August 12, 2003. If 
you need anything further, please do not hesitate to contact me. Please confirm receipt of this 
transmission by return facsimile. Thanks. 
Julie A. Eslick 

Patent & Trademark Assistant 



ORIGINAL DOCUMENT: Will not be sent NUMBER OF PAGES (Including Cover): 77 
CONFIRMATION NO.: CLIENT MATTER NO.: 29288.0300 

PLEASE RETURN TO: Julie Eslick at 1 6107 PERSONAL FAX: No 

REQUESTOR: Julie Eslick DIRECT LINE: 602-382-6854 

IF YOU HAVE NOT PROPERLY RECEIVED THIS TELECOPY, PLEASE CALL US AT (602) 382-6075 

OUR FACSIMILE NUMBER IS (602) 382-6070. 



THE INFORMATION CONTAINED IN THIS FACSIMILE MESSAGE IS ATTORNEY PRIVILEGED AND CONFIDENTIAL INFORMATION INTENDED ONLY FOR 
SS.^L° F ™ E INDMDUAL 0R ENTITY NAMED ABOVE. IF THE READER OF THIS MESSAGE IS NOT THE INTENDED RECIPIENT OR THE 
EMPLOYEE OR AGENT RESPONSIBLE TO DELIVER IT TO THE INTENDED RECIPIENT. YOU ARE HEREBY NOTIFIED THAT ANY DISSEMINATION 
DISTRIBUTION OR COPYING OF THIS COMMUNICATION IS STRICTLY PROHIBITED. IF YOU HAVE RECEIVED THIS COMMUNICATION IN ERROR' 
PLEASE IMMEDIATELY NOTIFY US BY TELEPHONE, AND RETURN THE ORIGINAL MESSAGE TO US AT THE ABOVE ADDRESS VIA THE U.S. POSTAL 
SERVICE. THANK YOU. 
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room stamp affixed hereto acknowledges receipt 
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OF 



Serial Nd^f ^ 
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Pl«se type a phis sign (+) Ihsida this box — * I + I 



PTO/SB/05 (11-00) 
Approved for use through 10/31/2002, OMB 0651-0032 
Patent and Trademark Office: U^. DEPARTMENT OF COMMERCE 
Un der the Papeiwortt Reduction Act of 1995. no perrons are required to respond to a collection of Information unless H displays a valid OMB control numb er. 



UTILITY 
PATENT APPLICATION 
TRANSMITTAL 

(onty for new nonpravfstonaf tppfcettons under 37 CFR 1.83(b)) 



Attorney Docket No. 



First Inventor 



We 



i 



292*8.0300 



Osamu 5HIBATA, et aL 



COPYRIGHT PROTECTION SYSTEM, ENCRYPTION™ 



Express MaH Label No. \ 



EM339435647US 



APPLICATION ELEMENTS 

See MPEP chapter 600 concerning utility patent application contents. 



Assistant Commissioner for Patents 
ADDRESS TO: Box Patent Application 
Washington, D.C. Z0231 



ri] Fee Transmittal Form (e.g., PTO/SB/17) 
I I (Submit an original, and a duplicate for fee processing) 

□ Applicant claims small entity status 
See 37 CFR 1.27. 



54 



3. I J I Specification [Total Pages 
(preferred arrangement set forth below) 

- Descriptive title of the invention 

- Cross Reference to Related Applications 

- Statement Regarding Fed sponsored R&D 

- Reference to sequence listing, a table, 
or a computer program feting appendix 

- Background of the Invention 

- Brief Summary of the Invention 

- Brief Description of the Drawings (ifftied) 

- Detailed Description 

- Ctaim(s) 

- Abstract of the Disclosure 



4. | [ Drawing(s) (35U.S.C. 113) [Total Sheets | 9 | ; 

5. Oath or Decla ration [Total Pages | J / 
a. | | Newly executed (original of copy) 

Copy from a prior appfication (37 CFR 1 .63(d)) 
(for continuation/divisional With BOX 18 completed) 

□ DELETION OF INVENTORfSl 
Stgned statement attached dele ling Inventor^) 
named In (he prior application, see 37 CFR 
1 .63<d)<9 and 1 33(b), 

6. | J | Application Data Sheet See 37 CFR 1 .76 



7. | CD-ROM or CD-R in duplicate, large table or Computer 
' ' Program (Appendix) 

8. Nucleotide and/or Amino Acid Sequence Submission 
(IT applicable, all necessary) 

| | Computer Readable Form (CRF) 

Specification Sequence Listing on: 

i. □ " CD-ROM or CD-R (2 copies); or 
fi. Q paper 

| Statements verifying identity of above copies 



a. 
b. 



□ 



I. 



9. 
10. 
11. 
12. 
13, 
14. 
15. 
16. 

17. 



ACCOMPANYING APPLICATION PARTS 



J"y| Copies of IDS 



Citations 



□ 



Assignment Papers (cover sheet & documents)) 

37 CFR 3.73(b) Statement I I Dwuornf AttAmBU 
(when there Is an assignee) | I Power of Attorney 

English Translation Document (it applicable) 

Information Disclosure 
Statement (iDsypTO-1449 

Preliminary Amendment 

Return Receipt Postcard (MPEP 503) 
(Should be specifically Itemized) 
Certified Copy of Priority Document(s) 
(If foreign priority Is claimed) 
Request and Certification under 35 U.S.C. 122 
(b)(2)(B)(j)_ Applicant must attach form PTO/SB/35 
or its equivalent 

Other 



16. If a CONTINUING APPLICATION, check appropriate txxx. End supply 
or in an Application Data Steer t/rafer 37 CPR 1.7$: 

| | Continuation | | DMsbnal Q f^rOInu^tten-in-part (CIP) of prtor application No.: / 



Prior application Information: Exammer_ 



Group /Art Unit _ 



For CONTINUATION OR DIVISIONAL APPS only: The entire disclosure of the prior application, from which an oath or declaration is supplied 
under Box Eb, is considered a part of the disclosure of the accompanying continuation or divisional application and Is hereby Incorporated by 
reference. The incorporation can only be refled upon when a portion has been inadvertently omitted from the submitted application parte. 



19. CORRE5 PON PENCE ADDRESS 



IX I Customer Number or Bar Code Label !• 



f; 20322 ii 



or I I Correspondence address below 



Name 


Michael K. Kelly 














SNELL & WILMER, LLP 










rcuv i / tm 


Address 


One Arizona Center 


400 E» Van Buren Street 












City 


Phoen&Z 


State 


AZ 


Zip Code 


S50D4-22Q2 


Country 


USA 


Telephone 


602-3B2-1291 


Fax 


$02-382^070 



Name (PrimrTyp*) 



Michael K. Kelly 

s fo < 



I Registration No. (Atemy/Agcnt) 



32,848 



5 



Signature 



Date 



4/6/01 



Burden Hour Statement; This form Is estimated lo lake 0.2 hours fo complete. \Time will vary depending upon the needs of the individual esse. Any 
comments on (ha amounl of lima you arc required lo complete this form should bejent lo the Chief informs lion Officer. \JJS. Patent and Trademark Office. 
Washington. DC 2D231. DO NOT SEND FEES OR COMPLETED FORMS TOJ^IS ADDRESS. SEND TO; Assistant Commissioner for Patenta, Box 
Patent Appfication, Washington, DC 20231. 
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v -^" PTQ/5B/17 (11-00) 

Approved for use through 10/31/2002. OM5 0651-0032 
PaWjrrt and Trademark Office: U.S. DEPARTMENT OF COMMERCE 
Under tho Paperwork Reduction Act of 1995, no persons are required to respond to a collection of Information unless it dispfays a valid QMS control number 



TRANSMITTAL 
for FY 2001 

Patent fees arc subject to annua) revision. 



TOTAL AMOUNT OF PAYMEMT 



$1,276,00 



C mpleto if Known 



Application Number 



Ring Date 



First Named Inventor 



Examiner Name 



Group Art Unit 



Attorney Docket No. 



To be assigned 



April 6, 2001 



FAX RECF5VFD 



Osamu SH1BATA, et aL 



To be assigned 



NCV 1 7 2C03 



To be assigned 



292&&0300 



METHOD OF PAYMENT 



FEE CALCULATION (continued) 



^ The Commissioner Is hereby authorized lo charge 



Deposh 
Account 
Number 

Deposit 
Account 
Name 



indicated fees and credit any overpayments (o: 



19-2814 



3. ADDITIONAL FEES 
Large Entity Small Entity 
Fee Fee Fee Fee 
Code ($) Code ($) 

105 130 205 65 Surcharge - late filing fee or oath 



Fee Description 



Fee Paid 



Sncll and Wilmer, LLP 



in Change Any Additional Ffte Required 
VS Under 37 d=R §§l.lSarK3U7 

□ Applicant dahnfl amaD entity statue. 
Sw37CFRfi1.27 



2. ^3 Payment Enclosed: 

J3 Check □ Credit card Q Ordc7 □ 0 ***T 



127 SO 227 25 Surcharge - late provisional tiling fee or cover 
s he el 

133 130 139 130 Non - English specification 

147 2,520 147 2,520 For Hling a request for OX parte reexamination 

112 920" 112 920* Requesting publication of SIR prior to Examiner 

action 

113 1.B40* 113 1 .840* Requesting publication of SIR after Examiner 

action 



FEE CALCULATION 



710.00 



1. BASIC FILING FEE 
Large Entity small Entity 
Fee Fee Fee Fee Fee Description 
Code ($) Code (5) Fee Paid 

101 710 201 355 Utility filing fee 

106 320 206 160 Design tiling fee 

107 490 207 245 Plant tiling fee 

108 710 208 355 Reissue filing Tee 
114 150 214 75 Provisional fifing fee 

SUBTOTAL (1) | 5710.00 



2. EXTRA CLAIM FEES 



Extra Claims 

Total Ctolms |~ 47 1 *20** » j_.Z7] X I IH.00 

Jg^™*** I 71 -3"- I J, I X I, BO.nq 
Multiple Dependent 

L^rge Entity small Entity 
Fee Fee Fee Fee 

Code ($) code ($) 

103 18 203 9 



Fee from _ 
below Fee Paid 



Fee Description 



102 60 202 40 
104 270 204 135 
109 B0 209 40 



110 16 210 9 



Claims in excess of 20 

Independent claims in excess of 3 

Multiple dependent claim, if not paid 

~ Reissue Independent claims 
over original patent 

" Reissue claims in excess of 20 
And over original patent 



115 


110 


215 


56 Extension for reply within first month 


116 


390 


215 


1&5 Extension for reply within second month 


117 


890 


217 


445 Extension for reply within third month 


118 


1,390 


216 


095 Extension for reply within fourth month 


12$- 1,690 


228 


fl45 Extension for reply wllhm fifth month 


119 


310 


219 


155 Notice of Appeal 


120 


310 


220 


155 Filing a brief in support of an appeal 


121 


270 


221 


135 Requesl for oral hearing 


138 1510 


138 1 ,510 Petition to institute a public use proceeding 


140 


110 


240 


55 Petition to revive - unavoidable 


141 


1,240 


241 


620 Petition to revive - unintentional 


142 


1,240 


242 


620 Utility Issue fee (or reissue) 


143 


440 


243 


220 Design issue fee 


144 


600 


244 


300 Plant issue fee 


122 


.130 


122 


130 Petitions to the Commissioner 


123 


GO 


123 


60 Processing fee under 37 CFR 5 1.1 7<q) 


126 


180 


126 


180 Submission of InformaQon Disclosure 
Statement 


581 


40 


551 


40 Recording each patent assignment per prope 
(times number of properties) 


146 


710 


246 


355 Hllnq a submission aiter final rejection 
(37CFR § 1.129(a)) 


149 


710 


249 


355 For each additional invention lo be examined 
(37CFR 51.129(b)) 


179 


710 


279 


355 Requesl Tor Continued Examination (RCE) 


169 


900 


163 


SO0 Requesl for expedited examination 
of a design application 


Other fee (specify) 





SUBTOTAL (2) 



S566.00 



"Tar number previously pa/d, trgrtatdr. For Reissues, see above 



•Reduced by Baste Filing Fee Paid 



SUBTOTAL (3) 



'SUBMITTED BY 



I Name (Primrtypiii 




32*46 


Tefephone 


602-392-6291 | 


KsignatuiB 1 






Date 


4/6/01 J 



WARNING: Information an this form may become public, credit card Information should not 
be included on this form. Provide credit card information and authorization on PTO-2038. 

Burden Hour Statement: This form is estimated to lake 0.2 hours to complete. Time will vary depending upon the needs of the individual case. Any comments 
on the amount qf time you are required to complete till* form should he sent to the Chief Information Officer. Patent and Trademark Office , Weshtngton. DC 
20231. DO NOT SEND FEES OR COMPLETED FORMS TO THIS ADDRESS. SEND TO; Assistant Commissioner for Patents. Washington. DC 20231. 
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LAW OFFICES 

One Arizona Center 
Phoenix, Arizona 85004-2202 
(602) 382-6000 
Fax: (602) 382-6070 
www.swlaw.com 



TUCSON, ARIZONA 
IRVINK. CALIFORNIA 
SALT LAICE CITY. UTAH 
DENVER, COLORADO 
LAS VEOAS, NHVADX 



DATE: 
TO: 



FACSIMILE TRANSMISSION 

November 17, 2003 



TIME IN: I 
TIME OUT: 



Name 



Fax Number 



phone Number 



Cliff Congo 

Office of Petitions - USPTO 



703-308-6916 



703-305-0272 



602-382-6854 



FROM: Julie Eslick PHONE: 
RE: U.S. Serial No. 09/828,559 - Petition Under CFR 1.181 
MESSAGE: 



FAX RECEIVED 
NOV 1 7 2003 

PETITIONS OFFICE 



Cliff: 

Per our conversation, attached is a copy of our petition which was filed on August 12, 2003. If 
you need anything further, please do not hesitate to contact me. Please confirm receipt of this 
transmission by return facsimile. Thanks. 
Julie A. Eslick 

Patent & Trademark Assistant 



ORIGINAL DOCUMENT: 
CONFIRMATION NO.: 
PLEASE RETURN TO: 
REQUESTOR: 



Will not be sent 



NUMBER OF PAGES (Including Cover): 77 
CLIENT MATTER NO.: 29288.0300 
Julie Eslick at 16107 PERSONAL FAX: No 
Julie Eslick DIRECT LINE: 602-382-6854 



IF YOU HAVE NOT PROPERLY RECEIVED THIS TELECOPY, PLEASE CALL US AT (602) 382-6075. 

OUR FACSIMILE NUMBER IS (602) 382-6070. 



THE INFORMATION CONTAINED 
THE USE OF THE INDIVIDUAL 
EMPLOYEE OR AGENT RESPOI 
DISTRIBUTION OR COPYING 01 
PLEASE IMMEDIATELY NOTIFY I 
SERVICE. THANK YOU. 




CONFIDENTIAL INFORMATION INTENDED ONLY FOR 
SAGE IS NOT THE INTENDEO RECIPIENT, OR THE 
KE HEREBY NOTIFIED THAT ANY DISSEMINATION, 
IAVE RECEIVEO THIS COMMUNICATION IN 6RROR, 
US AT THE ABOVE ADDRESS VIA THE U.S. POSTAL 
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INVENTOR INFORM 




Inventor One Given Name:; Osamu 
Family Name:: SHI BAT A 

Postal Address Line One:: 211/ Shonanryo, 1-6-22, Kikusuidori, 

Postal Address Line Two:: Moriguchi-shi 

City: : Osaka 

Country: : Japan 

Postal or Zip Code:: 570-0032 

City of Residence:: Osaka 

Country of Residence:: Japan 

Citizenship Country: : Japan 

Inventor Two Given Name:: Tsutomu 

Family Name:: SEKIBE 

Postal Address Line One;: 5-49-34, Yamanoue, Hirakata-shi , 

City: : Osaka 

Country:: Japan 

Postal or Zip Code:; 573-0047 

City of Residence:: Osaka 

Country of Residence:: Japan 

Citizenship Country:: Japan 



CORRES PQNDENCE INFORMATION 

Correspondence Customer Number;: 20322 
Fax One:: 602-332-6070 

Electronic Mail One:: mkelly@swlaw.com 
APPLICATION INFORMATION 

Title Line One:: COPYRIGHT PROTECTION SYSTEM, ENCRYPTION 

Title Line Two:: DEVICE, DECRYPTION DEVICE AND RECORDING 

Title Line Three:: MEDIUM 

Total Drawing Sheets : : 9 

Formal Drawings?:: Yes 

Application Type:: Utility 

Docket Number: : 29288.0300 

Secrecy Order in Parent Appl,?:: No 

REPRESENTATIVE INFORMATION 

Representative Customer Number:: 20322 

PRIOR FOREIGN APPLICATIONS 

Foreign Application One:: 2000-105525 
Filing Date:: 04-06-2000 
Country: : Japan 
Priority Claimed: : Yes 
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BACKGROUND OF THE INVENTION 

1. FIELD OF THE INVENTION: 

The present invention relates to a communication 
5 system performing cryptographic communication in which 
digital contents, such as music, images, videos, and games, 
having a decryption limitation are transferred using a 
common key which is shared by devices so that the decryption 
of the digital contents is forbidden when the updating of 

10 the decryption limitation is unauthorized. More 
particularly, the present invention relates to a copyright 
protection system, an encryption device, a decryption 
device, and a recording medium for protecting copyrights 
by associating update information on the decryption 

15 limitation with the common key, 

2, DESCRIPTION OF THE RELATED ART i 

Recently, the development of digital information 
compression technologies and the explosive pervasion of 
communication infrastructures have realized that contents, 
such as music, images, videos, and games, are distributed 
in the form of digital information via communication lines 
to homes . 

25 The digital information distributed via 

communication lines is in the form of data which is not stored 
in any medium. Therefore , the flexibility of distribution 
service forms is dramatically increased. Distribution 
services can not only provide digital contents but also limit 

30 the use of the contents (e.g., the limited number of uses 
and the limited period of use). A wide variety of 
distribution service forme are contemplated. 



20 
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The establishment of distribution systems, in which 
the copyrights of digital contents and the profits of 
distributors are protected, requires solving how to prevent 
unauthorized actions, such as fraud possession by 
communication intercept, eavesdropping, pretending, or the 
like, and illegal duplications and falsifications of 
received data stored in a recording medium. Such a solution 
would be provided by copyright protection technologies, 
such as an encryption/authentication technique performing 
the identification of authentic systems, data scramble, and 
the like. 



There are a variety of conventional copyright 
protection technologies. A typical technology is a 
15 challenge- response type mutual authentication system in 
which random numbers and response values are exchanged 
between a data encryption device and a data decryption device 
so that both devices are mutually authenticated, and data 
is transferred when the authentication is established. 

20 

The term * decryption limitation" as used herein 
refers to information on whether contents transferred from 
an encryption device to a decryption device are allowed to 
be used (e . g. , reproduce to make a sound) . For example, when 
25 contents are associated with the number of times the contents 
can be reproduced, such a number of times is a decryption 
limitation . 



The term 'updating of a decryption limitation" as 
used herein refers to a rule which is used in updating a 
decryption limitation. For example, for contents 
associated with the number of times the contents can be 
reproduced (e.g., N times), such a number of times is a 
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decryption limitation transferred from an encryption device 
to a decryption device, and the updating of the decryption 
limitation means that the number of times is reduced by one. 

The term ^update information on a decryption 
limitation" as used herein refers to a decryption limitation 
which is updated. For example , for contents associated with 
the number of times the contents can be reproduced (e.g., 
N times), the number of times which is a decryption 
limitation transferred from an encryption device to a 
decryption device, is updated so that the update information 
on the decryption limitation is rewritten to m N-l times". 



A typical cryptographic communication system in 
which digital contents having a decryption limitation are 
transferred using the above -described mutual 
authentication technique, will be described. An encryption 
device and a decryption device are mutually authenticated. 
Only when the authentication is established, the decryption 
limitation is encrypted and then transferred from the 
encryption device to the decryption device . The decryption 
device interprets the decryption limitation to determine 
whether the digital contents can be decrypted, and updates 
the decryption limitation. The update information on the 
updated decryption limitation is encrypted and transferred 
to the encryption device. Thereafter, the contents are 
encrypted and loaded into the decryption device which in 
turn decrypts the loaded contents. 

A decryption limitation should be correctly updated. 
In other words, update information on a decryption 
limitation decrypted by a decryption device should be 
received by an authenticated encryption device. If a 
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decryption limitation is not correctly updated, i.e., 
update information on a decryption limitation decrypted by 
a decryption device is received by a false encryption device 
pretending to be an authenticated encryption device, the 
5 decryption limitation is not updated by the authenticated 
encryption device and contents loaded from the 
authenticated encryption device are decrypted by the 
decryption device in an unauthorized manner. Therefore, a 
system is required in which, when update information on a 
10 decryption limitation decrypted by a decryption device is 
received by a false encryption device pretending to-be an 
authenticated encryption device, the decryption device is 
forbidden to decrypt contents loaded from the authenticated 
encryption device _ 

15 

In the above -de scribed mutual authentication 
technique, a determination is made only as to whether 
communicating devices are authenticated. Whether a 
decryption limitation is currently updated is not 

20 determined. Therefore, an unauthorized action cannot be 
prevented. If update information on a decryption 
limitation decrypted by a decryption device is received by 
a false encryption device pretending to be an authenticated 
encryption device, the decryption limitation is not updated 

25 by the authenticated encryption device, and nevertheless 
contents loaded from the authenticated encryption device 
cannot be decrypted by the decryption device in an 
unauthorized manner _ 

30 SUMMARY OF THE INVENTION 



According to one aspect of the present invention, 
a copyright protection system comprises an encryption 
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device and a decryption device, wherein cryptographic 
communication is performed between the encryption device 
and the decryption device using a contents key. The 
encryption device includes a contents storage section for 
5 storing contents, a first contents key generation section 
for generating the contents key based on a second decryption 
limitation obtained by updating a first decryption 
limitation, and a first encryption section for encrypting 
the contents using the contents key and outputtlng the 

10 encrypted contents. The decryption device includes a 
second contents key generation section for generating the 
contents key from the second decryption limitation, and a 
first decryption section for decrypting the encrypted 
contents using the contents key generated by the second 

15 contents key generation section. 

In one aspect of this invention, the decryption 
device further includes a decryption limitation updating 
section for updating the first decryption limitation to the 

20 second decryption limitation in accordance with a 
decryption limitation updating rule, and a second 
encryption section for encrypting the second decryption 
limitation using a time-varying key, and outputting the 
first encrypted decryption limitation. The encryption 

25 device further Includes a second decryption section for 
decrypting the first encrypted decryption limitation 
transferred from the second encryption section using the 
time-varying key to generate the second decryption 
limitation. The first contents key generation section 

30 generates the contents key based on the second decryption 
limitation generated by the second decryption section. 



In one aspect of this invention, the encryption 
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device further includes a first common key storage section 
for storing a common key, a decryption limitation storage 
section for storing the first decryption limitation, a first 
random number generation section for generating a first 
5 random number, a first mutual authentication section for 
performing mutual authentication in association with the 
decryption device using the first random number , and a second 
random number transferred from the decryption device, a 
first time-varying key generation section for generating 

10 the time-varying key using the first random number and the 
second random number in response to the authentication by 
the first mutual authentication section, and a third 
encryption section for encrypting the first decryption 
limitation using the time-varying key and outputting the 

15 second encrypted decryption limitation. The decryption 
device further includes a second common key storage section 
for storing the common key, a second random number generation 
section for generating the second random number, a second 
mutual authentication section for performing mutual 

20 authentication in association with the encryption device 
using the second random number and the first random number, 
a second time-varying key generation section for generating 
the time-varying key using the second random number and the 
first random number in response to the authentication by 

25 the second mutual authentication section, and a third 
decryption section for decrypting the second encrypted 
decryption limitation using the time-varying key* 

In one aspect of this invention, the decryption 
30 device further includes a first decryption limitation 
updating section for updating the first decryption 
limitation to the second decryption limitation in 
accordance with a decryption limitation updating rule, and 
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a second contents key generation section for generating the 
contents key based on the second decryption limitation 
updated by the first decryption limitation updating section. 
The encryption device further includes a second decryption 
5 limitation updating section for updating the first 
decryption limitation to the second decryption limitation 
in accordance with the decryption limitation updating rule 
in response to the updating of the first decryption 
limitation by the first decryption limitation updating 
10 section. The first contents key generation section 
generates the contents key based on the second decryption 
limitation updated by the first decryption limitation 
updating section - 

15 In one aspect of this invention, the encryption 

device further includes a first common key storage section 
for storing a common key, a decryption limitation storage 
section for storing the first decryption limitation, a first 
random number generation section for generating a first 

20 random number, a first mutual authentication section for 
performing mutual authentication in association with the 
decryption device using the first random number , and a second 
random number transferred from the decryption device, a 
first time-varying key generation section for generating 

25 a time-varying key using the first random number and the 
second random number in response to the authentication by 
the first mutual authentication section, and a second 
encryption section for encrypting the first decryption 
limitation using the time-varying key and outputting an 

30 encrypted decryption limitation. The decryption device 
further includes a second common key storage section for 
storing the common key, a second random number generation 
section for generating the second random number, a second 
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mutual authentication section for performing mutual 
authentication in association with the encryption device 
using the second random number and the first random number, 
a second time-varying key generation section for generating 
5 the time-varying key using the second random number and the 
first random number in response to the authentication by 
the second mutual authentication section, and a second 
decryption section for decrypting the encrypted decryption 
limitation using the time-varying key. 

10 

In one aspect of this invention , the second 
decryption limitation updating section updates the first 
decryption liinitation to the second decryption limitation 
in advance. The first contents key generation section 
15 generates the contents key from the second decryption 
limitation. The second decryption limitation updating 
section stores the second decryption limitation in the 
decryption limitation storage section in response to the 
start of processing by the first encryption section. 

20 

In one aspect of this invention, the, first and second 
time-varying key generation sections generate the time- 
varying key based on the first and second random numbers 
and the common key. 

25 

In one aspect of this invention, the first and second 
contents key generation sections generate the contents key 
based on the second decryption limitation and the time- 
varying key. 

30 

In one aspect of this invention r the encryption 
device and the decryption device further Include respective 
first and second data sequence key generation sections for 
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generating a data sequence key based on a data sequence input 
to or output from the encryption device and the decryption 
device. The first and second time-varying key generation 
sections generate the time-varying key based on the first 
5 and second random numbers and the respective data sequence 
key. 

In one aspect of this invention, the encryption 
device and the decryption device further include respective 

10 first and second data sequence key generation sections for 
generating a data sequence key based on a data sequence- input 
to or output from the encryption device and the decryption 
device. The first and second time-varying key generation 
sections generate the time-varying key based on the first 

15 and second random numbers , the common key, and the respective 
data sequence key. 

In one aspect of this invention, the encryption 
device and the decryption device further include respective 

20 first and second data sequence key generation sections for 
generating a data sequence key based on a data sequence input 
to or output from the encryption device and the decryption 
device. The first and second contents key generation 
sections generate the contents key based on the second 

25 decryption limitation and the respective data sequence key. 

In one aspect of this invention, the encryption 
device and the decryption device further include respective 
first and second data sequence key generation sections for 
generating a data sequence key based on a data sequence input 
to or output from the encryption device and the decryption 
device. The first and second contents key generation 
section generate the contents key based on the second 



30 
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decryption limitation, the time- varying key, and the 
respective data sequence key- 
In one aspect of this invention, the first and second 
5 mutual authentication sections mutually authenticate the 
decryption device and the encryption device, respectively, 
by communication in accordance with a challenge-response 
type authentication protocol. 

10 According to another aspect of the present invention, 

an encryption device for performing cryptographic 
communication in association with a decryption device using 
a contents key, comprises a contents storage section for 
storing contents, a contents key generation section for 

15 generating the contents key based on a second decryption 
limitation obtained by updating a first decryption 
limitation, and a first encryption section for encrypting 
the contents using the contents key and outputting the 
encrypted contents. 

20 

In one aspect of this invention, the encryption 
device f urther includes a decryption section for decrypting 
the first encrypted decryption limitation transferred from 
the decryption device using the time-varying key to generate 
25 the second decryption limitation, and the contents key 
generation section generates the contents key based on the 
second decryption limitation generated by the decryption 
device » 

30 In one aspect of this invention, the encryption 

device further includes a common key storage section for 
storing a common key, a decryption limitation storage 
section for storing the first decryption limitation, a first 
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random number generation section for generating a first 
random number, a mutual authentication section for 
performing mutual authentication in association with the 
decryption device using the first random number, and a second 
5 random number transferred from the decryption device, a 
time-varying key generation section for generating the 
time-varying key using the first random number and the second 
random number in response to the authentication by the mutual 
authentication section, and a second encryption section for 
10 encrypting the first decryption limitation using the 
time-varying key and outputting the second encrypted 
decryption limitation. 

In one aspect of this invention, the encryption 
15 device further includes a decryption limitation updating 
section for updating the first decryption limitation to the 
second decryption limitation in accordance with a 
decryption limitation updating rule in response to the 
updating of a decryption limitation by the decryption device . 
20 The contents key generation section generates the contents 
key based on the second decryption limitation obtained by 
the decryption limitation updating section. 

In one aspect of this invention, the encryption 
25 device further includes a common key storage section for 
storing a common key, a decryption limitation storage 
section for storing the first decryption limitation, a first 
random number generation section for generating a first 
random number, a mutual authentication section for 
30 performing mutual authentication in association with the 
decryption device using the first random number, and a second 
random number transferred from the decryption device, a 
■time-varying key generation section for generating a 
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time -varying key using the first random number and the second 
random number in response to the authentication by the mutual 
authentication section, and a second encryption section for 
encrypting the first decryption limitation using the 
time-varying key and outputting an encrypted decryption 
limitation. 



In one aspect of this invention, the decryption 
limitation updating section updates the first decryption 
limitation to the second decryption limitation in advance . 
The decryption limitation updating section outputs the 
second decryption limitation to the contents key generation 
section. The contents key generation section generates the 
contents key from the second decryption limitation. The 
decryption limitation updating section stores the second 
decryption limitation in the decryption limitation storage 
section in response to the start of processing by the first 
encryption section - 

In one aspect of this invention, the time -varying 
key generation section generates the time-varying key based 
on the first and second random numbers and the common key. 

In one aspect of this invention, the contents key 
generation section generates the contents key based on the 
second decryption limitation and the time-varying key. 

In one aspect of this invention, the encryption 
device further includes a data sequence key generation 
section for generating a data sequence key based on a data 
sequence input to or output from the encryption device, the 
time-varying key generation section generates the time- 
varying key based on the first and second random numbers 
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and the data sequence key. 

In one aspect of this invention, the encryption 
device further includes a data sequence key generation 
5 section for generating a data sequence key based on a data 
sequence input to or output from the encryption device. The 
time-varying key generation section generates the time- 
varying key based on the first and second random numbers, 
the common key, and the data sequence key_ 

10 

In one aspect of this invention, the encryption 
device further includes a data sequence key generation 
section for generating a data sequence key based on a data 
sequence input to or output from the encryption device. The 
15 contents key generation section generates the contents key 
based on the second decryption limitation and the data 
sequence key. 

In one aspect of this invention, the encryption 
20 device further includes a data sequence key generation 
section for generating a data sequence key based on a data 
sequence input to or output from the encryption device * The 
contents key generation section generates the contents key 
based on the second decryption limitation, the time-varying. 
25 key, and the data sequence key. 

According to another aspect of the present invention, 
a decryption device for performing cryptographic 
communication in association with an encryption device 
30 using a contents key, comprises a contents key generation 
section for generating the contents key from a second 
decryption limitation, and a first decryption section for 
decrypting encrypted contents using the contents key 
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generated by the contents key generation section. 

In one aspect of this invention, the decryption 
device further includes a decryption limitation updating 
5 section for updating a first decryption limitation to the 
second decryption limitation in accordance with a 
decryption limitation updating rule r and an encryption 
section for encrypting the second decryption limitation 
using a time*- varying key, and outputting the first encrypted 
10 decryption limitation. 

In one aspect of this invention, the decryption 
device further includes a common key storage section for 
storing the common key, a random number generation section 

15 for generating the second random number, a mutual 
authentication section for performing mutual 
authentication in association with the encryption device 
using the second random number and a first random number, 
a time-varying key generation section for generating the 

20 time-varying key using the second random number and the first 
random number in response to the authentication by the mutual 
authentication section, and a second decryption section for 
decrypting a first encrypted decryption limitation using 
the time -varying key* 

25 

In one aspect of this invention, the decryption 
device further includes a decryption limitation updating 
section for updating the first decryption limitation to a 
second decryption limitation in accordance with a 
30 decryption limitation updating rule. A contents key 
generation section for generating the contents key based 
on the second decryption limitation updated by the 
decryption limitation updating section. 
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In one aspect of this invention, the decryption 
device further includes a second common key storage section 
for storing the common key , a second random number generation 
5 section for generating the second random number, a mutual 
authentication section for performing mutual 
authentication in association with the encryption device 
using the second random number and a first random number, 
a time-varying key generation section for generating the 
10 time-varying key using the second random number and the first 
random number in response to the authentication by the mutual 
authentication section, and a second decryption section for 
decrypting encrypted decryption limitation using the 
time -varying key. 

15 

In one aspect of this invention, the time-varying 
key generation section generates the time-varying key based 
on the first and second random numbers and the common key. 

20 in one aspect of this invention, the contents key 

generation section generates the contents key based on the 
second decryption limitation and the time-varying key. 

In one aspect of this invention, the decryption 
25 device further includes a data sequence key generation 
section for generating a data sequence key based on a data 
sequence input to or output from the decryption device. The 
time-varying key generation section generates the time- 
varying key based on the first and second random numbers 
30 and the data sequence key- 

In one aspect of this invention, the decryption 
device further includes a data sequence key generation 
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section for generating a data sequence key based on a data 
sequence input to or output from the decryption device. The 
time-varying key generation section generates the time- 
varying key based on the first and second random numbers, 
5 the common key, and the data sequence key. 

In one aspect of this invention , the decryption 
device further includes a data sequence key generation 
section for generating a" data sequence key based on a data 
10 sequence input to or output from the decryption device* The 
contents key generation section generates the contents key 
based on the second decryption limitation and the data 
sequence key. 



15 In one aspect of this invention, the decryption 

device further includes a data sequence key generation 
section for generating a data sequence key based on a data 
sequence input to or output from the decryption device . The 
contents key generation section generates the contents key 

20 based on the second decryption iimitation, the time-varying 
key, and the data sequence key. 

According to another aspect of the present invention , 
there is provided a recording medium storing a program for 

25 use in causing a computer to perform cryptographic 
communication with an encryption device using a contents 
key. The program causes the computer to function as a 
contents key generation section for generating the contents 
key from a second decryption limitation, and a first 

30 decryption section for decrypting encrypted contents using 
the contents key generated by the contents key generation 
section - 
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In one aspect of this invention, the program causes 
the computer to further function as a decryption limitation 
updating section for updating a first decryption limitation 
to the second decryption limitation in accordance with a 
5 decryption limitation updating rule, and an encryption 
section for encrypting the second decryption limitation 
using a time-varying key, and outputting a first encrypted 
decryption limitation. 

10 In one aspect of this invention, the program causes 

the computer to further function as a common key storage 
section for storing the common key, a random number 
generation section for generating a second random number, 
a mutual authentication section for performing mutual 

15 authentication in association with the encryption device 
using the second random number and a first random number, 
a time-varying key generation section for generating the 
time- varying key using the second random number and the first 
random number in response to the authentication by the mutual 

20 authentication section, and a second decryption section for 
decrypting a first encrypted decryption limitation using 
the time-varying key. 

In one aspect of this invention, the program causes 
25 the computer to further function as a decryption limitation 
updating section for updating a first decryption limitation 
to the second decryption limitation in accordance with a 
decryption limitation updating rule, and a contents key 
generation section for generating the contents key based 
30 on the second decryption limitation obtained by the 
decryption limitation updating section. 



In one aspect of this invention, the program causes 
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the computer to further function as a second common key 
storage section for storing the common Key, a second random 
number generation section for generating the second random 
number, a mutual authentication section for performing 
5 mutual authentication in association with the encryption 
device using the second random number and a first random 
number, a time -varying key generation section for 
generating a time-varying key using the second random number 
and the first random number in response to the authentication 
10 by the mutual authentication section, and a second 
decryption section for decrypting encrypted decryption 
limitation using the time -varying key. 

In one aspect of this invention, the time- varying 
15 key generation section generates the time-varying key based 
on the first and second random numbers and the common key. 

In one aspect of this invention , the contents key 
generation section generates the contents key based on the 
20 second decryption limitation and the time -varying key. 

In one aspect of this invention, the program causes 
the computer to further function as a data sequence key 
generation section for generating a data seguence key based 
25 on a data sequence input to or output from a decryption device . 
The time-varying key generation section generates the 
time-varying key based on the first and second random numbers 
and the data sequence key. 

30 In one aspect of this invention, the program causes 

the computer to further function as a sequence key generation 
section for generating a data sequence key based on a data 
sequence input to or output from a decryption device. The 
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time- varying key generation section generates the time- 
varying key based on the first and second random numbers, 
the common key, and the data sequence key_ 



5 In one aspect of this invention, the program causes 

the computer to further function as a data sequence key 
generation section for generating a data sequence key based 
on a data sequence input to or output from a decryption device . 
The contents key generation section generates the contents 
10 key based on the second decryption limitation and the data 
sequence key. 

In one aspect of this invention, the program causes 
the computer to further function as a data sequence key 
15 generation section for generating a data sequence key based 
on a data sequence input to or output from a decryption device. 
The contents key generation section generates the contents 
key based on the second decryption limitation, the 
time -varying key, and the data sequence key. 

20 

Thus, the invention described herein makes possible 
the advantages of (1) providing a copyright protection 
system, an encryption device, a decryption device, and a 
recording medium, in which a decryption limitation is 

25 reliably updated and unauthorized decryption of digital 
contents is prevented, and (2) providing a copyright 
protection system, an encryption device, a decryption 
device, and a recording medium, in which, when update 
information on a decryption limitation updated by a 

30 decryption device is received by a false encryption device 
pretending to be an authenticated encryption device 
(instead of the authenticated encryption device), contents 
loaded from the authenticated encryption device cannot be 
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decrypted by the decryption device. 



These and other advantages of the present invention 
will become apparent to those skilled in the art upon reading 
5 and understanding the following detailed description with 
reference to the accompanying figures. 



BRIEF DESCRIPTION OF THE DRAWINGS 

10 Figure 1 is a diagram showing a configuration of a 

system according to Example 1 of the present invention. 



Figure 2 is a flowchart showing processing steps of 
the system of Example 1 . 

15 

Figure 3 is a diagram showing a configuration of a 
system according to Example 2 of the present invention. 

Figure 4 is a diagram showing a configuration of a 
20 system according to Example 3 of the present invention. 

Figure 5 is a diagram showing a configuration of a 
system according to Example 4 of the present invention. 

25 Figure 6 is a diagram showing a configuration of a 

system according to Example 5 of the present invention* 

Figure 7 is a diagram showing a configuration of a 
system according to Example 6 of the present invention. 

30 

Figure 8 is a diagram showing a configuration of a 
system according to Example 7 of the present invention. 
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Figure 9 is a diagram showing another configuration 
of the system of Example 7 . 

DESCRIPTION OF THE PREFERRED EMBODIMENTS 

5 

Hereinafter, the present invention will be 
described by way of illustrative examples with reference 
to the accompanying drawings. In the present invention, a 
decryption limitation is used to generate a common key which 
10 is used to encrypt digital contents. 

(Example 1) 

Figure 1 is a diagram showing a configuration of a 
system according to Example 1 of the present invention, in 
15 which cryptographic communication is performed between an 
encryption device 101 and a decryption device 102, 

The encryption device 101 includes: a common key 
storage section 103 for storing a common key UK: a 

20 decryption limitation storage section 111 for storing a 
decryption limitation; a contents storage section 121 for 
storing contents CT; a random number generation section 105 
for generating a random number Rl? a mutual authentication 
section 107 for performing mutual authentication with the 

25 decryption device 102 using the random number Rl, a random 
number R2 transferred from the decryption device 102, and 
the common key UK; a time -varying key generation 
section 109 for generating a time-varying key VK every time 
the mutual authentication using the random numbers Rl and 
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R2 is performed in the mutual authentication section 107; 
an encryption section 113 for encrypting the decryption 
limitation SI using the time- varying key VK, and output ting 
an encrypted decryption limitation S2; a decryption 
5 section 115 for decrypting an encrypted decryption 
limitation S3 transferred from an encryption section 116 
of the decryption device 102, using the time-varying key VK, 
to a decryption limitation S4, and writing the decryption 
limitation S4 to the 1 decryption limitation storage 
10 section 111; a contents key generation section 117 for 
generating a contents key CK from the decryption 
limitation E4; and an encryption section 119 for encrypting 
the contents CT using the contents key CK, and outputtlng 
encrypted contents S5. 

15 

The decryption device 102 includes: a common key 
storage section 104 for storing the common key UK; a random 
number generation section 106 for generating the random 
number R2; a mutual authentication section 108 for 

20 performing mutual authentication with the encryption 
device 101 using the random numbers Rl and R2 and the common 
key UK; a time-varying key generation section 110 for 
generating the time-varying key VK in response to the mutual 
authentication in the mutual authentication section 108; 

25 a decryption section 114 for decrypting the encrypted 
decryption limitation S2 using the time-varying key VK; a 
decryption limitation updating section 112 for updating the 
decryption limitation S4 based on a decryption limitation 
updating rule using the decryption limitation SI decrypted 

30 in the decryption section 114; an encryption section 116 
for encrypting the decryption limitation S4 using the 
time- varying key VK, and outputting the encrypted 
decryption limitation S3; a contents key generation 
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section lie for generating the contents key CK from the 
decryption limitation S4; and a decryption section 120 for 
decrypting the encrypted contents S5 using the contents 
key CK, and out put ting the contents CT. 

5 

The encryption device 101 and the decryption 
device 102 include the respective common key storage 
sections 103 and 104 to hold the same common key UK. The 
same common key UK is stored in the common key storage 
10 sections 103 and 104 in advance,, or produced in a production 
process. 

The encryption device 101 includes the decryption 
limitation storage section 111 for storing the decryption 

15 limitation Si and the contents storage section 121 for 
storing the contents CT. The common key storage 
section 103 , the decryption limitation storage section 111, 
and the contents storage section 121 are provided in a 
protect region which is not accessed directly from the 

20 outside of the encryption device 101. 

Figure 2 is a flowchart showing processing steps of 
the system 100 of Example 1. The processing steps of the 
system 10O including the encryption device 101 and the 
25 decryption device 102 are hereinafter described with 
reference to Figures 1 and 2. 

The encryption device 101 and the decryption 
device 102 include the respective random number generation 
30 section 105 and 106 which generate the random numbers Rl 
and R2 which are independent of each other. The random 
numbers Rl and R2 are exchanged between the encryption 
device 101 and the decryption device 102- The decryption 

f 
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device 102 generates a response value VI using the random 
number Rl and the common key UK- The encryption device 101 
generates a response value V2 using the random number R2 
and the common key UK * The response values VI and V2 are 
exchanged between the encryption device 101 and the 
decryption device 102. The mutual authentication 

sections 107 and 108 compares the response value VI with 
the response value V2 to determine whether the other device 
is authentic. In this manner, a challenge-response type 
mutual authentication is performed (S201). 

A determination is made whether the authentication 
is established in the encryption device .101 and the 
decryption device 102 (S202) . If it is determined that the 
15 authentication is not established (NO in S202) , the process 
is ended. If it is determined that the authentication is 
established (YES in S202), the time-varying key generation 
sections 109 and 110 generate the same time-varying key VK, 
which is changed at every mutual authentication* from the 
20 respective random numbers Rl and R2 (S203) . Thereafter, 
the decryption limitation SI stored in the decryption 
limitation storage section 111 of the encryption device 101 
is encrypted in the encryption section 113 using the 
time- varying key VK, and the encrypted decryption 
25 limitation S2 is transferred to the decryption device 102 
(S204). 



©036/036 
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10 



The decryption section 114 decrypts the received 
decryption limitation S2 using the time-varying key VK 
30 (S205), The decryption limitation updating section 112 
updates the decryption limitation SI decrypted in the 
decryption section 114, in accordance with the decryption 
limitation updating rule (S206). The encryption 
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section 116 encrypts the updated decryption limitation S4 
using the time -varying key VK (S207), and outputs the 
encrypted decryption limitation S3 to the encryption 
device 101. The decryption section 115 decrypts the 
transferred encrypted decryption limitation S3 using the 
time-varying key VK, and stores the updated decryption 
limitation S4 in the decryption limitation storage 
section 111 (S208) . 

The contents key generation section 117 generates 
the contents key CK from the decryption limitation S4 
(S209) . When the contents CT stored in the contents storage 
section 121 are transferred from the encryption device 101 
to the decryption device 102, the encryption section 119 
encrypts the contents CT using the contents key CK (S210) „ 
The contents key generation section 118 generates the 
contents key CK from the decryption limitation S4 (S211). 
The encryption section 120 in the decryption device 102 
decrypts the encrypted contents S5 using the contents 
key CK (S212) - 

In Example 1, contents are transferred from an 
encryption device to a decryption device after 
authentication is established at a single time. 
Alternatively , mutual authentication may be performed every 
time the transfer of contents between encryption and 
decryption devices occurs. In Example 1, the time-varying 
key VK is generated using the random numbers Rl and R2 which 
are used in mutual authentication. Alternatively, the 
time-varying key VK may be generated using the response 
values VI and V2- 

Dif f erent algorithms or the same algorithm may be 
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used to encrypt and decrypt a decryption limitation and 
contents. An example of an algorithm is DES (Data 
Encryption Standard) . 

5 Different algorithms or the same algorithm may be 

used to generate a time-varying key and a contents key. An 
example of an algorithm is a one-way function, such as SHA 
(Secure Hash Algorithm). 

10 m Example 1, for the sake of simplicity, 

transmission and reception are performed by the mutual 
authentication sections 107 and 108, the encryption 
section 113, the decryption section 114, the decryption 
section 115, the encryption section 116, the encryption 
15 section 119, and the decryption section 120. The 
transmission and reception are typically managed by control 
sections 122 and 123. The same applies to examples 
described later. 

20 As described above, the copyright protection system 

of Example 1 performs cryptographic communication by 
associating the copyrighted contents CT with update 
information on a decryption limitation (the decryption 
limitation S4) . Therefore, the contents CT cannot be 

25 decrypted unless the decryption limitation SI is updated 
in an authorized manner. 

( Example 2 ) 

Figure 3 is a diagram showing a copyright protection 
30 system 200 according to Example 2 of the present invention. 
In Figure 2, the same components as those in Figure 1 are 
Indicated by the same reference numerals. The description 
thereof is thus omitted. 
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In the copyright protection system 100, a 
decryption limitation S4 updated in a decryption limitation 
updating section 112 is encrypted/decrypted and then 
transferred as is in the copyright protection system 100. 
In the copyright protection system 200, the decryption 
limitation S4 is not stored in a decryption limitation 
storage section 111, but a decryption limitation updating 
section 223 is provided "in an encryption device 201. 



A decryption limitation updating section 212 in a 
decryption device 202 transfers only a decryption 
limitation updating instruction CC to update a decryption 
limitation SI to the decryption limitation updating 
15 section 223. The decryption limitation updating 

section 223 receives the transferred decryption limitation 
updating instruction CC r updates the decryption 
limitation SI, and stores the updated decryption 
limitation S4 in a decryption limitation storage 
20 section 211. 

As described above, the copyright protection 
system 200 does not need to transfer the updated decryption 
limitation S4 associated with generation of the contents 

25 Key CK from the decryption device 202 to the encryption 
device 201. Therefore, the secrecy of the decryption 
limitation S4 is increased. Further, an encryption section 
and a decryption section (e.g., 116 and 115, respectively, 
in Figure 1) which involve transfer of the updated 

30 decryption limitation S4 can be deleted, thereby making it 
possible to reduce the size of the system. 
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(Example 3) 

Figure 4 is a diagram showing a copyright protection 
system 3O0 according to Example 3 of the present invention. 
In Figure 4, the same components as those in Figure 1 are 
5 indicated by the same reference numerals . The description 
■thereof is thus omitted. 

In the copyright protection system 200 of Figure 2, 
the decryption limitation updating section 223 in the 
10 encryption device 201 updates the decryption limitation Si 
according to the updating instruction CC from the 
decryption limitation updating section 212. Unlike the 
copyright protection system 200, in the copyright 
protection system 300, the decryption limitation updating 
15 section 323 updates a decryption limitation SI previously 
stored in a decryption limitation storage section 311 in 
an encryption device 301. A contents key generation 
section 117 generates a contents key CK using an updated 
decryption limitation S4- The decryption limitation 
20 updating section 323 stores the updated decryption 
limitation S4 in a decryption limitation storage 
section 311 in response to an encryption section 319 
starting encryption of contents CT. 

25 as described above, in the copyright protection 

system 300 of Example 3, the decryption limitation SI is 
not updated according to the instruction from a decryption 
device 302, but the decryption limitation updating 
section 323 previously updates the decryption 

30 limitation SI and the contents key generation section 117 
generates the contents key CK. Therefore, the processing 
steps can be reduced. 
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(Example 4) 

Figure 5 is a diagram showing a copyright protection 
system 400 according to Example 4 of the present invention. 
In Figure 5. the same components as those in Figure 1 are 
5 indicated by the same reference numerals. The description 
thereof is thus omitted. 

In the copyright protection system 400, time- 
varying Key generation sections 409 and 410 generate a 
10 time-varying key VK using a common key TO in addition to 
random numbers Rl and R2. For example, the time-varying 
key VK is generated by an exclusive OR of the random 
numbers Rl and R2 and the common key UK, and converting the 
result using a one-way function. 

15 

As described above, according to the copyright 
protection system 400, the time-varying key VK is generated 
not only by the random numbers Rl and R2 which can be 
externally monitored, but in association with the secret 
20 common key UK. Therefore, the time-varying key VK is 
difficult to infer, thereby making it possible to improve 
the secrecy of the time -varying key VK. 



25 



30 



(Example 5) 

Figure 6 is a diagram showing a copyright protection 
system 500 according to Example 5 of the present invention. 
In Figure 6, the same components as those in Figure 1 are 
indicated by the same reference numerals - The description 
thereof is thus omitted. 

In the copyright protection system 500, contents 
key generation sections 517 and 518 generate a contents 
key CK using a time-varying key VK in addition to an updated 
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decryption limitation S4 . For example , the contents key CK 
is generated by an exclusive OR of the decryption 
limitation S4 and the time-varying key VK, and converting 
the result using a one-way function. 

As described above, according to the copyright 
protection system 500 of Example 5, the contents key CK is 
generated not only by the updated decryption limitation S4 . 
' but in association with the time-varying key VK which 
XO time-seguencially varies in each mutual authentication. - 
Therefore, the cryptographic security of contents can be 
improved . 

(Example 6) 

15 Figure 7 is a diagram showing a copyright protection 

system 600 according to Example 6 of the present invention, 
in Figure 7 , the same components as those in Figure 1 are 
indicated by the same reference numerals. The description 
thereof is thus omitted - 

20 

in the copyright protection system 600, an 
encryption device 601 and a decryption device 602 include 
data sequence key generation sections 625 and 626, 
respectively, which generate a data sequence key TK1 from 

25 all or part of data input to or output from the encryption 
device 601 and the decryption device 602. In this case, 
such input or output data include random numbers Bl and R2, 
response values VI and V2. encrypted decryption 
limitations S2 and S3 , and encrypted contents S5 . The data 

30 sequence key TK1 is additionally used to generate a contents 
key CK in contents key generation sections 617 and 618. 



The data sequence Key TKX may be generated by 
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counting a High or Low level of each input/output data, for 
ample. The tiine-varying key VK may be generated by an 
exclusive OR of the random numbers Rl and R2 and the data 
sequence Key TK1, and converting the result using a one-way 
function- All input/output data are not necessarily used 
to generate the data sequence key TK1. A part of the 
input /output data may be used. 

As described above, in the copyright protection 
system 600, data input to or output from the encryption 
device 601 and the decryption device 602 are monitored, and 
the data sequence key TK1 common to both devices is generated 
from the input/output data so that the generated data 
sequence key TK1 is associated with generation of the 
contents key CK. Therefore, since the same data is input 
to and output from an encryption device and a decryption 
device in a cryptographic system, pretending can be 
prevented . 



20 (Example 7) 

Figure 8 is a diagram showing a configuration of a 
system 800 in which cryptographic communication is 
performed between an encryption device 101 and a decryption 
device 102. Referring to Figure 8, the encryption 
25 device 101 and the decryption device 102 are directly 
connected to each other. In Figure 8, the same components 
as those in Figure 1 are indicated by the same reference 
numerals. The description thereof ie thus omitted. 

30 The system 800 Includes a contents reproduction 

device 801 for reproducing contents. The the encryption 
device 101 is attached to the contents reproduction 
device SOI. The contents reproduction device 801 further 
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includes . decryption device 102 described in Example 1 and 
_ reproduction section ..2 for reproducing contents 
decrypted by the decryption device 102. 

As described above, the decryption device 102 

, -i Tir-i vidftd in the contents 

describe* in Example 1 may be included in 

. ^ Qri1 T ys e encryption device 101 

reproduction device 801. Trie enoty* 

described in Example 1 is attached to 
reproduction device 8.1. The encryption ^ 
L0 attached to the contents reproduction device 801 and the 
decrypts device 102 included in the contents reproduction 
device 801 performs cryptographic communication as 
described in Example 1. 

15 The contents reproduction device 801 may be a 

cellular telephone, an audio player , or a personal computer . 
The encryption device 101 may be a memory card. The 
encryption device 101 may be any of the encryption 
devices 201 through 601 described in Examples 2 through 6. 
20 The decryption device 102 may be any of the decryption 
devices 202 through 602 described in Examples 2 through 6. 

The decryption device 102 may be operated in 
accordance with a program for operating the decryption 
25 device described in any of Examples 1 through 6. read from 
a recording medium 803 in which the program is recorded. 
The recording medium 803 may be a CD-ROM. 

Figure 9 is a diagram showing another configuration 
30 of the system 800 in which cryptographic communication is 
performed between the encryption device 101 and the 
decryption device 102. Referring to Figure 9, the 
encryption device 101 and the decryption device 102 are 
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directly connected to each other via an electric 
communication line. In Figure 9, the same components as 
those in Figures 1 and 8 are indicated by the same reference 
numerals. The description thereof is thus omitted. 

5 Referring to Figure 9, the system 900 includes a 

contents reproduction device 801 for reproducing contents, 
a nd an electric communication line 903 connectxng the 
contents reproduction device 801 and a server 901. The 
10 contents reproduction device ..1 includes a *«™tt«n 
device 102 described in Example 1 and a reproduction 
section 802 for reproducing contents decrypted by the 
decryption device 102. An encryption device 101 described 
in Example 1 is attached to the server 901. 

in this manner. the contents reproduction 
device 801 for reproducing contents and the server 901 are 
connected to each other via the electric communication 
line 903. The encryption device 101 is attached to the 
server 901. The encryption device 101 attached to the 
server 901 and the decryption device 102 included in the 
contents reproduction device 801 perform cryptographic 
communication via the electric communication line 903. 



The electric communication line 903 may be the 
Internet or a local area network (LAN) . 

Similar to the example of Figure 8. the contents 
reproduction device 801 may be a cellular telephone, an 
audio player, or a personal computer. The encryption 
device 101 may be a memory card. The encryption device 101 
may be any of the encryption devices 201 through 601 
described in Examples 2 through 6. The decryption 
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* *-v^ ri-ervntion devices 202 througli 
device 102 may toe any of the decryption « 

602 described in Examples 2 through 6. 

Similar to the example of Figure 8 , the decryption 
device 102 may be operated in accordance with a program for 
X-ing the decryption device desc ^ - f 
Examples 1 through 6, read from a recording medxum 803 xn 
Examples l xn a recording medium 803 may 

which the program is recorded. The record* a 

be a CD-ROM. 

in Figure 9, the encryption device 101 and the 
decryption device 102 are connected to each other via the 
electric communication line 903. This inventxon » not 
limi ted to this. The encryption device 101 and the 
decryption device 102 may be connected to each other vxa 
a wireless communication lixie- 

As described above, according to the present 
invention, a copyright protection system in which a 
decryption limitation is reliably updated and unauthorized 
decryption of digital contents is prevented, an encryption 
device, a decryption device, and a recording medium, can 
"be provided. 

Further, according to the present Invention, a 
copyright protection system, an encryption device, a 
decryption device, and a recording medium can be provided, 
in which, when update information on a decryption limitation 
updated by a decryption device is received by a false 
encryption device pretending to be an authenticated 
encryption device (Instead of the authenticated encryption 
device), advantageously contents loaded from the 
authenticated encryption device cannot be decrypted by the 
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decryption device. 

wn«« to the present invention, a 
Further, according to tne P t , . „ 

convright protection system, an encryption device a 
copyngnr pt rBf . ordin£t medium can be provided, 

decryption device, and a recording me performed by 

MMrh crvntographic communication is performea y 
" atin^pyrighted contents with update information 
:\°S^tat^ and, therefore, advantageously 
t L eont^ts cannot he decrypted unless the decryption 
limitation is updated in an authorized manner. 

Further, according to the present invention, a 
copyright protection system, an encryption device a 
decryption device, and a recording medium can he provided 
in which updated decryption limitation associated with 
generation of a contents key does not need to he transferred 
from a decryption device to an encryption device and 
therefore, advantageously the secrecy of the decryption 
limitation is increased, and further, an encryption section 
and a decryption section which involve transfer of the 
updated decryption limitation can be deleted, thereby 
advantageously making it possible to reduce the size of the 
system. 

Further, according to the present invention, a 
copyright "protection system, an encryption device, a 
decryption device, and a recording medium can be provided, 
in which a decryption limitation is not updated according 
to an instruction from a decryption device, but rather a 
decryption limitation updating section previously updates 
the decryption limitation and a contents key generation 
section generates the contents key and, therefore, 
advantageously the processing steps can be reduced. 
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t-o the present invention, a 
Further. ««r-»gto «- * a 

copyrig « T^can be previa. 

O «nriation with a secret common Key 

.i ^ i f fi rnlt to infer, ineieuj 
time-varying key is difficult 

time vcu-jfj. ^ * . , , . inraroV e the secrecy 

advantageously making it possible to improve x 

of the time-varying key. 

Further, according to the present invention, a 
copyright protection system, an encryption device a 
decryption device, and a recording medium can be provided, 
L5 in which data input to or output from an encryption device 
and a decryption device are monitored, and a data sequence 
Key common to both devices is generated from the input/output 
data so that the generated data sequence key is associated 
with generation of a contents key and. therefore, pretending 
20 can be advantageously prevented; 

Various other modifications will be apparent to and 
can be readily made by those skilled in the art without 
departing from the scope and spirit of this invention. 
25 Accordingly, it is not intended that the scope of the claims 
appended hereto be limited to the description as set forth 
herein, but rather that the claims be broadly construed. 
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WHAT IS CLAIMED ISs 

i A copyright protection system comprising-. 

L encryption device and a decryption device, 
herein cryptographic communication is performed between 
wherein crypxog * deo rvT>tion device using a 

the encryption device and the decrypt! 

contents key. 

wherein the encryption device includes 

a contents- storage section for storing 

contents, ^ conte nts key generation section for 

generating the contents key based on a second decryption 
imitation obtained by updating a first decryption 

limitation, and 

a first encryption section for encrypting the 
contents using the contents key and outputting the encrypted 

contents , and 

wherein the decryption device includes 

a second contents key generation section for 
generating the contents key from the second decryption 

limitation , and 

a first decryption section for decrypting the 
encrypted contents using the contents key generated by the 
second contents key generation section. 

2. A copyright protection system according to claim 1. 
. wherein the decryption device further includes 

a decryption limitation updating section for 
updating the first decryption limitation to the second 
decryption limitation in accordance with a decryption 
limitation updating rule, and 

a second encryption section for encrypting the 
second decryption limitation using a time-varying key. and 
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*->^ *irst encrypted decryption limitation, 
outputting the first eiicr ^ further includes a 

wherein the encryption deva.ce tur 
, decrYP tion section for decrypting the first 
TnfryPted d^ption ligation transferred fro. the second 
enor^tlon S e"on using the t^e-varying Key to generate 
thp second decryption limitation, 

„LeiHhe first contents Key generation section 
generates the contents Key hased on the second decryption 
flotation 3 e^ W "tb. second decryption section . 

3 A oopyrlght protection system according to olal* 2. 
Wherein the encryption device farther includes 

a first common key storage section for storing 

a common key, 

a decryption limitation storage section for 

storing the first decryption limitation. 

a first random number generation section for 

generating a first random number, 

a first mutual authentication section for 
performing mutual authentication in association with the 
decryption device using the first random number, and a second 
random number transferred from the decryption device, 

a first time-varying key generation section for 
generating the time-varying key using the fi»* random 
number and the. second random number in response to the 
authentication by the first mutual authentication section, 
and 

a third encryption section for encrypting the 
first decryption limitation using the time-varying key and 
output ting the second encrypted decryption limitation, and 
wherein the decryption device further includes 
a second common key storage section for storing 
the common key, 
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a second random numher generation section for 

P6rf ~ r r:::ir 

encryption device using the secona 

fi„t rando- — time . varylng key Ration taction 
for generating the time- varying Kay using the second random 
.„a the first random number in response to the 
r hent^tionV the second mutuax authentication saction . 



and 



a third decryption section for decrypting the 
second encrypted decryption Imitation using the ti*,e- 

varying key. 

4. A copyright protection system according to claim 1 
wherein the decryption device further includes a first 
decryption limitation updating section for updating the 
first decryption limitation to the second decryption 
limitation in accordance with a decryption limitation 

updating rule, and 

a. second contents Xey generation section for 
generating the contents key based on the second decryption 
liinitation updated by the first decryption limitation 

up dat in g s ect ion , 

wherein the encryption device further includes a 
second decryption limitation updating section for updating 
the first decryption limitation to the second decryption 
limitation in accordance with the decryption limitation 
updating rule in response to the updating of the first 
decryption limitation by the first decryption limitation 

updating section, 

the first contents Key generation section generates 
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section- 

5 A copyright protection system according to claim 4, 
wherein the encryption device further includes 

a first common key storage section for storing 

a. common key, 

a decryption limitation storage section for 

storing the first decryption limitation, 

a first random number generation section for 

generating a first random number, 

a first mutual authentication section for 
performing mutual authentication in association *ith the 
decryption device using the first random number, and a second 
random number transferred from the decryption device, 

a first time-varying key generation section for 
generating a time-varying key using the first random number 
and the second random number in response to the 
authentication by the first mutual authentication section, 
and 

a second encryption section for encrypting the 
first decryption limitation using the time-varying key and 
outputting an encrypted decryption limitation, and 

wherein the decryption device further Includes 
a second common key storage section for storing 

the common key, 

a second random number generation section for 

generating the second random number, 

a second mutual authentication section for 
performing mutual authentication in association with the 
encryption device using the second random number and the 
first random number. 
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. second time-v^ing *ey generation section 
^4«r» v^v using the second ranaom 
f « -spo.se to the 

S^tT^---- authentication section. 

* second decryption paction for decrypting the 
encrypted decryption Imitation using the time-varying Key . 

6 A copyright protection system according to claim 5. 

wherein the -cond decryption station updating section - 

updates the first decryption limitation to the second 

decryption limitation in advance, 

the first contents key generation section generates 
the contents key from the second decryption limitation, and 
the second decryption limitation updating section 
stores the second decryption limitation in the decryption 
limitation storage section in response to the start of 
processing by the first encryption section - 

7 a copyright protection system according to claim 3, 
wherein the first and second time-varying key generation 
sections generate the time-varying key based on the first 
and second random numbers and the common key. 

8. A copyright protection system according to claim 3, 
wherein the first and second contents key generation 
sections generate the contents key based on the second 
decryption limitation and the time-varying key. 

9. A copyright protection system according to claim 3, 
wherein the encryption device and the decryption device 
further include respective first and second data sequence 
key generation sections for generating a data sequence key 
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, nT1 , lt to or output from the 
based on a data sequence input to or v 

Zltion device and the decryption device, and 
encrypt.cn - ^ ^ tl-> Key 

general section, generate the time-varying 

. irst and second random numbers and the respective data 

sequence key- 

10 A copyright protection system according to claim 3, 
wherein tL encryption device and the decryption device 
^her include respective first and second data sequence 
key generation sections for generating a data sequence Key 
.tied on a data sequence input to or output from the 

encryption device and the decryption device, and 

wherein the first and second time-varying key 

generation sections generate the t^e-varying Key based on 

the first and second random numbers, the common Key, and 

the respective data sequence Key. 

11. A copyright protection system according to claim 3, 
wherein the encryption device and the decryption device 
further include respective first and second data sequence 
key generation sections for generating a data sequence Key 
based on a data sequence input to or output from the 
encryption device and the decryption device, and 

wherein the first and second contents key generation 
sections generate the contents key based on the second 
decryption limitation and the respective data sequence key. 

12. A copyright protection system according to claim 3, 
wherein the encryption device and the decryption device 
further include respective first and second data sequence 
Key generation sections for generating a data sequence Key 
hased on a data sequence input to or output from the 
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decryption limitation, 
respective data sequence key. 

13. A copyright protection system according to claim 3 
herein th" irst and second mutual authentication sect lonS 
ro utually authenticate the decryption device and the 
encryption device, respectively, hy communication in 
accordance with a challenge -response type authentication 
protocol. 

14 An encryption device for performing cryptographic 
communication in association with a decryption device using 
a contents key, comprising: 

a contents storage section for storing contents; 
a contents key generation section for generating the 
contents key based on a second decryption limitation 
obtained by updating a first decryption limitation; and 

a first encryption section for encrypting the 
contents using the contents key and outputting the encrypted 
contents . 

15. An encryption device according to claim 14, further 
including a decryption section for decrypting the first 
encrypted decryption limitation .transferred from the 
decryption device using the time-varying key to generate 
the second decryption limitation, and 

the contents key generation section generates the 
contents key based on the second decryption limitation 
generated by the decryption device. 
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«. *n encryption device according to ol*. W. 
inelUdln9 . common Hey st=« 3 e section «r storing . 

°° m ° a decryption Imitation storage section for 

storing the first decryption limitation, 

a first random number generation section for 

o.neratina a first random number. 

9 a mu tual authentication section for performing 

m utual authentication in association with the 
d evioe u S ing the first random number, and a second random 
number transferred from the decryption device, 

a time-varying key generation section for 
generating the ti^e-varying Key using the first random 
number and the second random number in response to the 
authentication by the mutual authentication section, and 
a second encryption section for encrypting the 
first decryption limitation using the time-varying key and 
outputting the second encrypted decryption limitation. 

17. An encryption device according to claim 14. further 
including a decryption limitation updating section for 
updating the first decryption limitation to the second 
decryption limitation in accordance with a decryption 
limitation updating rule in response to the updating of a 
decryption limitation by the decryption device. 

wherein the contents key generation section 
generates the contents key based on the second decryption 
limitation obtained by the decryption lactation updating 
section- 

18. An encryption device according to claim 17, further 
including 
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a common Key borage section for storing a 

COltmi011 a dec ryption limitation storage section for 

storing the first decryption limitation, 

storing ^ ffenor(rtioll sectlon for 

Generating a first random number, 

a mutual authentication section for performing 
mutua l authentication in association with the 
device using the first random number, and a second random 
number transferred from the decryption device, 

a time-varying key generation section for 
generating a time-varying key using the first random number 
and the second random number in response to the 
authentication by the mutual authentication section, and 
a second encryption section for encrypting the first 
decryption limitation using the time-varying key and 
outputting an encrypted decryption limitation. 

19. An encryption device according to claim 17, wherein: 
the decryption limitation updating section updates 
the first decryption limitation to the second decryption 

limitation in advance ; 

the decryption limitation updating section outputs 
the second decryption limitation to the contents key 

generation section: 

the contents key generation section generates the 
contents key from the second decryption limitation; and 

the decryption limitation updating section stores 
the second decryption limitation in the decryption 
limitation storage section in response to the start of 
processing by the first encryption section. 



20. An encryption device according to claim 16, wherein 
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varying key based on the first ana 
and the common Key. 

21 An encryption device according to clai*. 1* . the 
content* generation motion generates the contents Key 
bas ed on the second decryption Ration and the t im e 

varying key. 

22 An encryption device according to claim 16. further 
including a data sequence key generation section for 
generating a data sequence Key based on a data sequence input 
to or output from the encryption device, 

the tUne-varying key generation section generates 
the time-varying key based on the first and second random 
numbers and the data sequence key. 

23. An encryption device according to claim 16, further 
including a data . sequence key generation section for 
generating a data sequence key based on a data sequence input 
to or output from the encryption device, 

wherein the time-varying key generation section 
generates the time-varying Key based on the first and second 
random numbers, the common key, and the data sequence key. 

24. An encryption device according to claim 16, further 
including a data sequence key generation section for 
generating a data sequence key based on a data sequence input 
to or output from the encryption device, 

wherein the contents key generation section 
generates the contents key based on the second decryption 
limitation and the data sequence key. 
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,„ 0 r output from the encryption device. 

herein the content, Hey generation - 
erate" the content, key based, on the second decryption 
generates the con „ a the data sequence Key. 

limitation, the time-varying key. ana tn 

26 a decryption device for performing cryptographic 
communicat^n in association with an encryption device 
using a contents key. comprising: ^ ntlY ^ 
a contents key generation section for generating the 
content, Key fro- a second decryption limitation s and 

a first decryption section for decryptxng encrypted 
contents using the contents key generated by the contents 
Key generation section. 

27. A decryption device according to claim 26. further 
including 

a decryption limitation updating section for 
updating a first decryption limitation to the second 
decryption limitation in accordance with a decryption 
limitation updating rule, and 

an encryption section for encrypting the second 
decryption limitation using a time-varying Key, and 
outputting the first encrypted decryption limitation. 

28. A decryption device according to claim 27, further 
including 

a common Key storage section for storing the common 

lcey 

a random number generation section for generating 
the second random number , 
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a mutual authentication section for performing 
a mutual aSs0 ciation with the encryption 

mutual authentication in association 

aevice using the second random number and a 

number, generation section for 

a time-varying Key H BllCi - 

v _ v usinQ the second random 

a second decryption action for decrypting a to-t 
encrypted decryption station using the t^e-varymg Key. 

3 ,. a decryption device according to dai» 
including a decryption limitation updating section for 
updating the first decryption station to a second 
decryption ligation in accordance with a decryption 

limitation updating rule, 

wherein a contents Key generation section for 
generating the contents Key based on the second decryption 
ligation updated by the decryption limitation updating 
section* 

30. A decryption device according to claim 29, further 

including - 

a second common Key storage section for storing the 

common key, 

a second random number generation section for 
generating the second random number, 

a mutual authentication section for performing 
mutual authentication in association with the encryption 
device using the second random number and a first random 
number , 

a time-varying key generation section for 
generating the time-varying Key using the second random 
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numb er and the first r-oo, number in response to the 
^hentieation by the mutual authentication section^ and 
a second decryption section for decrypting 
encrypted decryption limitation using the ti^e-varying Key . 

31 A decryption device according to claim 28. wherein the 
time-varying key generation section generates the tune- 
varying Key based on the first and second random numbers 

and the common key. 

32 A decryption device according to claim 28. wherein the 
content, key generation section generates the contents key 
based on the second decryption limitation and the tome- 
varying key. 

33. A decryption device according to claim 28. further 
including a data sequence key generation section for 
generating a data sequence key based on a data sequence input 
to or output from the decryption device, 

wherein the time-varying key generation section 
generates the time-varying key based on the first and second 
random numbers and the data sequence key. 

34. A decryption device according to claim 28. further 
including a data sequence key generation section for 
generating a data sequence key based on a data sequence input 
to or output from the decryption device, 

wherein the time-varying key generation section 
generates the time-varying key based on the first and second 
random numbers, the common key, and the data sequence key. 

35. A decryption device according to claim 28, further 
including a data sequence Key generation section for 
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9aKr «m g . data s WM « Key based on a data 

- - -rr-r rrr^. 

generateTthe contents Key based - «- " decryption 

limitation and the data sequence key. 

3 6 a decryption device according to claHn 2B. further 
IncludLgT data serenes Key generation section or 
generating a data sequence Key based on a data sequence input 
to or output from the decryption device. 

wherein the contents Key generation section 
generate, the contents Key based on the second decryption 
limitation, the tUne-varying Key. and the data sequence Key. 

37 A recording medium storing a program for use in causing 
a computer to perform cryptographic communication with an 
encryption device using a contents Key. wherein; 

the program causes the computer to function as = 
a contents Key generation section for 
generating the contents key from a second decryption 

limitation: and 

a first decryption section for decrypting 

encrypted contents using the contents key generated by the 

contents key generation section. 

38. A recording medium according to claim 37, wherein the 
program causes the computer to further function as: 

a decryption limitation updating section for 
updating a first decryption limitation to the second 
decryption limitation in accordance with a decryption 
limitation updating rule; and 

an encryption section for encrypting the second 
decryption limitation using a time-varying key, and 
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outputting a first encrypted decryption station. 

39 A recording medium according to al*. 38 wherein the 

nLral causes the computer tc further function as, 

" 9 » X«y storage section for storing the common 

kSy! a random number generation section for generating 

a second random number; 

a mutual authentication section for performing 
mutuai authentication in association with the encryption 
using the second random number and a first random 

number ; - 

a time-varying key generation section for 

generating the time-varying Key using the second random 
number and the first random number in response to the 

authentication by the mutual authentication section; and 
* second decryption section for decrypting a f tot 

encrypted decryption limitation using the time- varying key. 

40. A recording medium according to claim 37. therein: 

the program causes the computer to further function 
as a decryption limitation updating section for updating 
a ftot decryption limitation to the second decryption 
limitation in accordance with a decryption limitation 

updating rule ; ■ and 

a contents Hey generation section for generating the 
contents key based on the second decryption limitation 
obtained by the decryption limitation updating section. 

41. A recording medium according to claim 40, wherein the 
program causes the computer to further function as: 

a second common key storage section for storing the 
common key: 
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. second random number generation HAW «* 

^ . ^via second random number; 
^T^r L-^io. section for performing 

mutual authentication in association with the 

"vice using the second random number ana a first random 

D ™** C ' . time-varying Key generation section for 
generating » time-varying Key using the second ranao* .number 
La the first random numbsr in response to the authentication 
by the mutual authentication section, and 

a second decryption section for decrypting 
encrypted decryption limitation using the time-varying Key. 

42 a recording medium according to claim 39. wherein the 
time-varying Key generation section generates the tUne- 
varylng Key based on the first ana second random numbers 
and the common key. 

43 A recording medium according to claim 39, wherein the 
content, key generation section generates the contents key 
based on the second decryption limitation and the time- 
varying key. 

44. A recording medium according to claim 39, wherein: 

the program causes the computer to further function 

as a data sequence key generation section for generating 

a data sequence key based on a data sequence input to or 

output from a decryption device; and 

the time-varying key generation section generates 

the time-varying key based on the first and second random 

numbers and the data sequence key. 



45. A recording medium according to claim 39, 
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the program causes the computer to further function 
sequence key based on a data sey 

th e time varying * hased on the first "-J^""*- 
numhers. the common Key. and the data sequence Hey. 

« x recording medium according to clai*. 39. wherein, 

the program causes the computer to further function 

a , a data sequence Hey generation section 

. data sequence key hased on a data sequence input to or 

output from a decryption device, and 

the contents Key generation section generates the 

contents key based on the second decryption ligation and 

the data sequence key. 

47 A recording medium according to claim 39. wherein: 

the program causes the computer to further function 
as a data sequence key generation section for generating 
a data sequence key based on a data sequence input to or 
output from a decryption device: and 

the contents key generation section generates the 
contents key based on the second decryption limitation, the 
tiine-varying key, and the data sequence key. 
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ABSTRACT OF THE DISCLOSURE 

A copyright protection system comprises an 
encryption device and a decryption device. Cryptograph 
encryptxon d en the encry ption device 

communication ** ******* a contents key. The 

j ^Vi^ decryption device using =»■ 
"cryp^o'devlce incudes a contents sto Kfl . section for 
"^contents. » first contents key generation section 
for generating the contents key hased on a second decryption 
Citation obtained hy updating a first decryption 
Station, and a first encryption section for encrypting 
the contents using the contents key and outputting the 
encrypted contents. The decryption device includes , a 
second contents key generation section for generating the 
contents key from the second decryption limitation, and a 
first decryption section for decrypting the encrypted 
contents using the contents key generated hy the second 
contents key generation seotion. 
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I Mutual authentication is penormed by 
"■rt „nl nnthentica *i™ «"*'™ s 107-108 i 
^ ,S202 



S201 



. — - j» rnutuoT 
authentication established, 

«j 



^ YES ^ S203 

^-^E^n^ by tirne-vorying ^^SJ^^,^ 



Decryption limitation S1 is encrypted by encryption section 113, and 
encrypted decryption limitation S2 i s transferred 



[Encrypted dec 



Kmrtction S2 is 



Dtion section 1U 



| Decryption limitation S1 is updated by 

[Decryption limitation S4 is encrypt ed by encryption section_ 1J6_ 

[Encrypted decryption limitation S3 is decrypted by decryption section 115, 
l and decryption limitation S4 is stored 



/-S207 



I Contents key CK is generated by contents key generation section wi rrom 
decryption limitation S4 

( Contents CT ore encrypted by encryption section 119 us ing contents key CK 

(Contents key CK fe generated by contents key generation section 11B trom 
I decryption limitation S4 



S208 

S209 

■S210 
$211 

,S212 



I Cont ents CT are decrypted by decryption section 120 using contents keylR" 



( End ) 
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